Payment fraud: How to reduce the risk of your company being victimized

In a recent Association for Financial Professionals survey, 71% of respondents said their companies experienced attempted or actual payment fraud in 2010. Many experts predict higher figures for 2011, as the depressed economy and high unemployment propel more Americans toward fraudulent activity.

To learn about the current fraud environment and strategies businesses can implement to reduce the risk of becoming fraud victims, we interviewed Paula Gaines, Vice President and Treasury Management Officer at First Tennessee Bank.

What are some current trends in payment fraud?

Checks continue to be the method of choice, especially when there's a breakdown in controls, such as companies not using positive pay with payee name verification or placing signed checks in an unmonitored, outgoing mail bin. In these situations, opportunistic employees and outsiders use valid routing and accounting numbers to create fictitious checks, or alter payee names on stolen checks before cashing them.

Billing or accounts payable (A/P) fraud represents the largest percentage of fraud incidents, with expense reimbursement, check tampering, and payroll closely behind, according to the Association of Certified Fraud Examiners (ACFE) 2010 Report to the Nations on Occupational Fraud and Abuse.

How does the weak economy affect fraud levels?

In desperate times, people take risks they otherwise wouldn't, so high unemployment and under-employment contribute greatly. You may also have disgruntled employees due to downsizing or right-sizing, if workloads increase but pay doesn't. Outside the company, hard times increase the threat from devious vendors, subcontractors, and fraud rings.

What are the biggest threats from individuals outside of the company?

Check fraud is still the most prolific in terms of volumes and dollars lost, but fraud related to ACH debits/credits and wires represents the highest potential dollar losses because ACH and wires move large sums of money quickly.

How can companies reduce the risk of check and electronic payment fraud from external sources?

Implement ACH debit blocks and electronic payment authorizations on all accounts, as well as positive pay with payee name verification, which matches issue files companies send to the bank against incoming checks in an effort to verify check numbers, amounts, and payee names. The service similarly protects checks converted to an ACH at the point of sale and checks submitted to a branch teller.

Next, review accounts daily using an online banking portal like Business Banking Online from First Tennessee to catch suspicious activity, such as an item that cleared more than once, an unusually large amount, or an unauthorized transaction. Watch for unapplied credits in accounts receivable (A/R) and unapplied debits in accounts payable (A/P).

Finally, ensure your internal computer network and PCs are up to date with virus protection, firewalls, and intrusion/detection software. PCs used for banking transactions should be limited in their access to Internet surfing and external e-mail to prevent becoming infected by viruses and key-logging tools.

How significant is the threat of employee fraud?

Statistics don't always segregate internal from external fraud, but employees are committing invoice or A/P fraud - issuing checks to pay fictitious invoices from fictitious vendors – as well as wire and ACH fraud. The more authority an employee has, the greater the risk and the longer fraud may go undetected. According to ACFE's report, internally driven fraud lasts a median of 18 months before being detected.

How can companies prevent employee payment fraud?

While it may be difficult if your business runs lean, segregate duties so different people manage A/P and A/R processes, and use positive pay with payee name verification. Also, direct your A/R checks to a bank-provided lockbox to eliminate concerns over stolen or misappropriated checks. Alternative strategies include immediately endorsing items for deposit to a business account, locking up undeposited receivables checks, and having more than one person verify deposits.

Finally, document with your bank which employees can move money, for what purposes, up to what amount and with what supporting documentation. To further reduce the risk of payment fraud associated with monetary movement, consider utilizing bank-provided Web applications like First Tennessee's Business Banking Online instead of fax, telephone, or paper requests.

How can First Tennessee help clients mitigate payment fraud risk?

First Tennessee maintains high levels of encryption and deploys multiple levels of authentication - including password protection, secure ID tokens, and site verification – to protect your information.

Additionally, a First Tennessee representative can identify any shortcomings and formulate recommendations to protect your assets. Clients should talk with their Treasury Management Sales Officer or Relationship Manager at least once a year to review their processes and accounts. Based on their recommendations, clients should take swift action to address any weaknesses - rather than waiting until fraud occurs and wishing they had done more in advance to protect their assets.

To learn more about products and services that support payment fraud prevention for your business, contact your Treasury Management Sales Officer or request more information from a First Tennessee Financial Services Representative.